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DETAILED ACTION 

Continued Examination Under 37 CFR Id 14 
A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1.17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.114. Applicant's submission filed on June 21 , 2005 has been entered. 

Response to Amendment 
This office action is in response to amendment filed on June 21, 2005. Original 
application contained Claims 1-69. Applicant previously did not amend any claim. Applicant 
currently added new Claims 70-73. The amendment filed on June 21, 2005 have been entered 
and made of record. Therefore, presently pending claims are 1-73. 

Response to Arguments 
Applicant's arguments filed on June 21, 2005 have been fully considered but they are not 
persuasive because of the following reasons: 
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Regarding claim 1-73 applicants argued that the cited prior art (CPA) [Morris] does not 
teach "in protection engine receiving an interface control command, security risk due to 
interface control, state of switch, inhibiting execution of interface " 

This is not found persuasive. Cited prior art teaches and describes method for protection 
system of computer assets and dynamically transforms computer assets (file system) by using set 
of protection programs stored in protection-program support module. The computer assets 
protection system protect computer assets available to a number of users, and has a logical 
structure including an operating system having logical drives, includes protection programs that 
interpret the logical drives as a fixed set of zones on the hard disc for a particular user, each of 
which has respective access rules. A hardware module, responds to the protection programs, to 
either allow or deny access to the hard disc based the access rules. The hardware module has a 
first memory that is inaccessible to the CPU, and a second memory that is accessible to the CPU. 
The protection programs include a protection initialization program which uses an initial key 
program for transferring control, a disc request handler program which uses a disc request 
handler key program for transferring control, a protection control program, and a protection 
control command handler which uses a protection control command handler key program for 
transferring control and for communicating with the protection control program. Therefore, the 
system of cited prior art protect computer assets while permitting multiple user operation, and 
prevents unauthorized access to computer assets by software applications, and permits safe 
servicing of requests which use BIOS (Fig. 1-2, column 1 line 45 to col.6 line 66, and col. 14 line 
10 to line 65). 
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As a result, cited prior art does implement a system that involves computer 
systems protecting computer assets from unauthorized access. 

Applicants clearly have failed to explicitly identify specific claim limitations, which 
would define a patentable distinction over prior arts. Examiner is not trying to teach the 
invention but is merely trying to interpret the claim language in its broadest and reasonable 
meaning. The examiner will not interpret to read narrowly the claim language to read exactly 
from the specification, but will interpret the claim language in the broadest reasonable 
interpretation in view of the specification. Therefore, examiner asserts that cited prior art does 
teach or suggest the subject matter recited in independent claims and dependent claims, and 
claims are rejected reason set forth in the this office action. Accordingly, rejections for claims 1- 
73 are respectfully maintained. 



Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

2. Claims 1-12, 19-21, 24, 27, 33-39, 45-47, 50, 53, 59-61, 64-73, are rejected under 35 U.S.C. 
102(b) as being anticipated by Fisherman et al (USP 5,586,301). 
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As per claim 1, Fisherman et al teach a method for protection of computer assets from 
unauthorized access comprising the steps of: receiving in a protection engine, an interface 
control command (column 3, lines 33-36); determining whether the interface control command 
introduces a security risk (column 4, lines 23-30 and column 5, lines 7-11); when the interface 
control command introduces a security risk, determining a state of a switch (column 4, lines 
20-33); when the state of the switch is a protected state, inhibiting execution of the interface 
control command (column 4, lines 38-42); and when the state of the switch is an unprotected 
state, allowing execution of the interface control command (column 4, 20-24). 

As per claim 33, Fisherman et al teach a method for protection of computer assets from 
unauthorized access comprising the steps of: receiving in a protection engine, an interface 
control command (column 3, lines 33-36); determining whether the interface control command 
introduces a security risk (column 4, lines 23-30 and column 5, lines 7-1 1); 
when the interface control command introduces a security risk, determining whether of a source 
of the interface control command is authentic (column 14, 16-19); when the source of the 
interface control command is not authentic, inhibiting execution of the interface control 
command (column 14, lines 19-24); and when the source of the interface control command is 
authentic, allowing execution of the interface control command (column 14, lines 25-28). 

As per claims 2 and 34, Fisherman et al teach the step of inhibiting execution of the interface 
control command further includes the: step of: providing an indication that the execution of the 
interface control command was inhibited (column 6, line 65). 
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As per claim 3, Fisherman et al teach changing the state of the switch to the protected state when 
a timeout duration has elapsed (column 11, lines 50-53). 

As per claim 4, Fisherman et al teach determining when the execution of the interface control 
command has been completed; and when the execution of the interface control command has 
been completed, changing the state of the switch to the protected state (column 14, lines 30-35). 

As per claim 5, Fisherman et al teach determining the state of an electrical switch (column 4, 
lines 29-30). 

As per claim 6, Fisherman et al teach determining the state of a software-based switch (column 
4, lines 29-30 and 38-42). 

As per claim 7, Fisherman et al teach using cryptographic techniques to determine the state of 
the software-based switch (column 4, lines 25-30). 

As per claims 8 and 35, Fisherman et al teach allowing data to be written to a hard disk drive 
(column 4, lines 23-24). 

As per claims 9 and 36, Fisherman et al teach allowing data to be written to a. boot sector of the 
hard disk drive (column 5, lines 11-15). 
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As per claims 10 and 37, Fisherman et al teach allowing data to be written to a file allocation 
table of the hard disk drive (column 5, lines 16-22). 

As per claims 1 1 and 38, Fisherman et al teach allowing data to be written to a floppy disk drive 
(column 11, lines 65-67). 

As per claims 12, 27, 39, and 53, Fisherman et al teach allowing data to be written to a BIOS 
memory (column 3, lines 55-63). 

As per claims 19 and 45, Fisherman et al teach determining whether the interface control 
command is a hard disk drive formatting command. Fisherman et al teach that the system is able 
to detect write operations to the hard drive (column 5, lines 7-10). Specifically the system can 
detect write commands to the entire cluster (column 5, lines 30-35). Also Fisherman et al teach 
that proposed changes are analyzed in order to prevent unsanctioned changes in the protected 
files and directories. Therefore, it is inherent that Fisherman et al teach determining whether the 
interface control command is a hard disk drive formatting command because a format function 
erases all data from the hard drive partition. 

As per claims 20 and 46, Fisherman et al teach determining whether the interface control 
command is a boot sector write command (column 6, lines 64-66). 



Application/Control Number: 09/586,907 Page 8 

Art Unit: 2131 

As per claims 21 and 47, Fisherman et al teach determining whether the interface control 
command is a program file write command (column 5, lines 26-30). 

As per claims 24 and 50, Fisherman et al teach determining whether the interface control 
command changes a file attribute, the file attribute enabling or disabling execution of a file 
corresponding to the file attribute (column 13, lines 55-65). 

As per claim 59, Fisherman et al teach the step of determining whether the source of the interface 
control command is authentic comprises the step of: issuing a challenge to the source of the 
interface control command (column 14, lines 10-15); receiving a response from the source of the 
interface control command (column 14, lines 16-18); and determining whether the response is 
valid (column 19-22). 

As per claim 60, Fisherman et al teach the step of determining whether the response is valid 
comprises the step of: comparing the response to a mathematical function of a value accessible 
only to the protection engine and to an operating system (column 1, lines 63-66). 

As per claim 61, Fisherman et al teach writing the value from a processor to a one-time-writable 
register in the protection engine (by an operating system) during a boot process (before 
application software is enabled) (column 1, lines 45-55). 
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As per claim 64, Fisherman et al teach an apparatus for protection of computer assets from 
unauthorized access comprising: an interface controller operatively coupled to receive a interface 
control command to control an interface device (column 3, lines 33-36); a switch selectable 
between a protected state and an unprotected state 

(column 4, lines 20-33); a protection engine operatively coupled to the interface controller to 
receive the interface control command (see Fig. 1) and operatively coupled to the switch to 
detect whether the electrical switch is in the protected state or the unprotected state (column 4, 
lines 29-30) to determine whether the interface control command poses a security risk (column 4, 
lines 23-30 and column 5, lines 7-1 1) and to selectively inhibit or allow execution of the 
interface control command by the interface controller depending on whether or not the interface 
control command poses the security risk and depending on whether the switch is in the protected 
state or the unprotected state (column 14, linesl9-28). 

As per claim 65, Fisherman et al teach a timer operatively coupled to the switch to reset the 
switch to the protected state after a period of time has elapsed (column 1 1, lines 50-53). 
As per claim 66, Fisherman et al teach the switch to reset the switch to the protected state after 
an execution of the interface control command has been completed 
(column 14, lines 30-35). 

As per claim 67, Fisherman et al teach an apparatus for protection of computer assets from 
unauthorized access comprising: an interface controller operatively coupled to receive a interface 
control command to control an interface device (column 3, lines 33-36); a protection engine 
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operatively coupled to the interface controller for preventing unauthorized access to the interface 
device and operatively coupled to receive the interface control command to determine whether a 
source of the interface control command is authentic and to selectively allow or inhibit execution 
of the interface control 5 command by the interface controller depending on whether or not the 
source of the interface control command is authentic (column 14, lines 19-34). 

As per claim 68, Fisherman et al teach a one-time- writable register operatively coupled to the 
protection engine to store a value used to determine whether the source of the interface control 
command is authentic (column 1, lines 45-55). 

As per claim 69, Fisherman et al teach the value is accessible only to the protection engine and to 
an operating system (column 1, lines 51-54). 

As per claim 70, a method for protection of computer assets from unauthorized access 
comprising the steps of: receiving in a protection engine, an interface control command (column 
3,line 33-56); determining whether the interface control command introduces a security risk 
determined from at least one of: a type of interface control command, an area of memory 
affected by the interface control command, a device affected by the interface control command, 
data associated with the interface control command, an operand associated with the interface 
control command, and a relationship of the interface control command to another interface 
control command; when the interface control command introduces a security risk, determining a 
state of a switch (Fig. 1-2, column 4, lines 23-30 and column 5, lines 7-11); when the state of the 
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switch is a protected state, inhibiting execution of the interface control command(column 4, lines 
38-42); and when the state of the switch is an unprotected state, allowing execution of the 
interface control command (column 4, 20-24). 

As per claim 71, including: physically changing the state of a hardware switch by a user; 
wherein the step of determining the state of a switch includes the step of determining the state of 
the hardware switch (column 4, lines 26-32). 

As per claim 72, including performing at least one of: inhibiting data to be written to switch 
(column 4, lines 29-30 and 38-42), and allowing data to be written to a hard disk drive in 
response to determining the state of the hardware switch (column 4, lines 23-24) . 

As per claim 73, including: setting at least one bit in at least one of: a register and memory to 
change the state of a software-based switch; wherein the step of determining the state of a switch 
includes the step of determining the state of the software-based switch (column 4, lines 25-42). 



Claim Rejections - 35 USC §103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 
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3. Claims 13-17, 28-32, 40-44, 54-58 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Fisherman et al in view of Glossary of Information Technology Acronyms and Terms (here 
within GITAT). 

As per claims 13-16, 28-32, 40-44, and 54-58, Fisherman et al teachings controlling write access 
to the hard drive (column 4, lines 20-25). Fisherman et al is silent in disclosing allowing data to 
be written to a parallel port, serial port, USB port, and a IEEE-1394 port. Fisherman et al does 
teach a computer system which controls data access to the system's basic input output system 
(see abstract). GITAT teaches that a parallel port, serial port, USB port, and an IEEE-1394 port 
are examples of computer input output ports (pgs. 138, 248, 295, and 337). One of ordinary skill 
in the art would know how to control the I/O ports of a computer system. It would be 
advantageous to the system's security to only allow authorized entities to have access to write 
data to these ports. An unauthorized person might try to send sensitive data via an output port 
whereas an authorized person may need to use the output port in a legitimate. Clearly, the 
system's security would be highly stronger if the system could control access to the I/O ports. 
In view of this, it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to employ the teaching of GITAT within the system of Fisherman et al 
because it would allow the system to grant or deny data written to I/O 
port, thereby greatly improving the system's ability to monitor and control data. 
As per claim 17, Fisherman et al teachings controlling write access to the hard drive (column 4, 
lines 20-25). Fisherman et al is silent in disclosing allowing data to be written to a flash memory 
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device. GIT AT teaches that a flash memory device is a nonvolatile storage chip. Hard drives are 
also nonvolatile. Therefore, Fisherman et al teach controlling data written to nonvolatile 
memory. Fisherman et al disclose a secure system whereby the security comes from monitoring 
and controlling access to memory. 

In view of this, it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to employ the teaching of GIT AT within the system of Fisherman et al 
because it would allow the system to control data written to flash memory devices, thereby 
greatly improving the system's ability to monitor and control data. 

4. Claims 18, 25, 26, 51, 52 are rejected under 35 U.S.C. 103(x) as being unpatentable over 
Fisherman et al and GIT AT as applied to claims 1 and 13 above, and further in view of Davis 
(USP 6,205,547). 

As per claims 18, 25, 26, 51, and 52, Fisherman et al teach a system controller which intercepts 
commands to control the hard drive controller (see abstract). 

Fisherman et al fail to teach controlling commands sent to the thermal management controller. 
Davis teaches a thermal management controller which closely monitors and alters a computer's 
systems thermal conditions separately from the operating system (column 6, lines 9-16). Davis 
teaches that CPU fans are controlled by the thermal controller to regulate CPU temperature 
(column 5, lines 40-45). Fisherman's system also works independent of the operating system so it 
too cannot be influenced by processes of the operating system. Davis's thermal management 
controller provides the necessary control to keep the computer system functioning properly. 
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Therefore, it would be highly advantageous to control which entity can write data to the thermal 
controller. Clearly, commands that try to turn off CPU fans, would not be allowed be allowed by 
unauthorized entities. 

In view of this, it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to employ the teaching of Davis within the system of Fisherman et al and 
GIT AT because it would permit regulation of the thermal dynamics of the system by providing a 
secure method of communication with the thermal management controller. 

5. Claims 22, 23, 48, 49 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Fisherman et al in view of Chen et al (USP 5,832,208). 

As per claims 22, 23, 48, 49, Fisherman et al teaches a system which analyzes commands which 
change the content of hard disks. Fisherman et al is silent in 

expressing disclosing determining whether the file extension is an executable file extension 
including file extensions of an exe extension, a com extension, a bat extension, or a bin 
extension. Chen et al discloses a system with detects and removes computer viruses (see 
abstract). Specifically, Chen et al discloses that computer viruses are attached to executable files 
with an exe extension, a com extension, a bat extension, or a bin extension so that they may 
infect a system (column 2, lines 8-10). 

In view of this, it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to employ the teaching of Chen et al within the system of Fisherman et al 
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because it would allow the system to recognize additional types of commands that could 
potentially harm the computer system. 

6. Claims 62 and 63 are rejected under 35 U.S.C. 103(a) as being unpatentable over Fisherman et 
al in view of Applied Cryptography 2"d Edition (here within AC). 

As per claim 62 and 63, Fisherman et al teach the step of determining whether the response is 
valid comprises the step of comparing the response to the correct response value. Fisherman et al 
are silent in expressly disclosing performing a mathematical operation on the challenge to 
produce a correct response value. AC teaches performing a mathematical operation on the 
challenge to produce a correct response value (pg. 53). AC uses pseudorandom numbers to form 
the challenge value. A mathematical operation is performed on each challenge so that each 
authentication attempt is unique and cannot be replayed. 

In view of this, it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to employ the teaching of AP within the system of Fisherman et al because 
it would allow the system to authenticate commands in which each authentication attempt is 
unique and highly secure. 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Syed Zia whose telephone number is 571-272-3798. The 
examiner can normally be reached on 9:00 to 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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